package com.douyin.authority;

import com.douyin.constant.JwtClaimsConstant;
import com.douyin.properties.JwtProperties;
import com.douyin.utils.JwtUtil;
import com.douyin.utils.SpringUtil;
import io.jsonwebtoken.Claims;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import org.hibernate.validator.constraints.pl.REGON;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;



public class BaseAuthority implements AuthorityVerify {


    @Override
    public Boolean authorityVerify(HttpServletRequest request, String[] permissions) {

        JwtProperties jwtProperties = SpringUtil.getBean(JwtProperties.class);
        try{
            String token = request.getHeader(jwtProperties.getTokenName());
            // 获取当前用户权限
            Claims claims = JwtUtil.parseJWT(jwtProperties.getSecretKey(), token);
            Long uId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());

            for (String permission : permissions) {
                if (!AuthorityUtils.verify(uId, permission)) {
                    return false;
                }
            }
        }catch (Exception e){
            return false;
        }

        return true;
    }
}
